36ea391cec988df62698d3099f31387b4df5502c64b54d78e3164ff2455c51c2

Sharing

Copy URL Twitter E-mail

General

Target

Betacraft.rar
Size

13.2MB
Sample

240310-lb1dmshd22
MD5

8b738d7e4b7dc12ec970fc6fb22a77a7
SHA1

d48dd0053cff785b9f54e5c51fb8001ce83fe42f
SHA256

36ea391cec988df62698d3099f31387b4df5502c64b54d78e3164ff2455c51c2
SHA512

378fd1b12a3ecd1ca767f05d37d532a2e9bc2489a02712c41df19311c658815a8288cfe466a98afb258d6fda6c797dc33f1d42b4c939251a746334bf020583b1
SSDEEP

393216:m6g6QVcbV9QAghO635cbLbiwzZBgPjFwD2mXUd:m6ghQ/6O6ULbin7OD2w6

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  Betacraft/Betacraft.exe
- Size
  
  10.0MB
- MD5
  
  37521dbf26b4ef6e592d36eedd5cc070
- SHA1
  
  5f5410cb9940cdb6e536a7183275a403d3a7416e
- SHA256
  
  71c66559e00822440a29ebe5509bceb71c005cdc482af327c461c6b18fb79b77
- SHA512
  
  43a3902e7a62b4d40093e7f9a7ae9b1884ee5528df4636713ed66ccd2d8e27068c47be5ed46953b8f1cfd8709f525c757179a80fd22ca18997a4e4238b8a44e7
- SSDEEP
  
  196608:CkHWUv4Kw3IDvnSiKFuSoVVBPUeFlEav+LDUI:5WUQ4jnSiKFuBBPUmlEav+XUI
Score

7^/10

discovery
- Modifies file permissions
  discovery
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2
- Target
  
  Betacraft/Qt6Core.dll
- Size
  
  6.2MB
- MD5
  
  ea87b9f7c2d7a298e7ec3a75c365e3cd
- SHA1
  
  e874107427b7f57c8004e15021108e4423d393bb
- SHA256
  
  ad7e2aefbc09fae1fc27c02810c7bbb2bca818a2ec53d049900b95bf2ed450eb
- SHA512
  
  26978d90a5b5327efb37077c1c74ffe3893373526c6e067d2f47767e55fc60d1dfca72aa284aee19b8f0aad9c9acde8138e128112e42bbf1bbab9d3365978219
- SSDEEP
  
  196608:WB09TAxlcwnh7PawMiPtzW1X1sIGwvrsbwkyLtfEtHwL2v2+f6jcQNUBFQgBikPq:WBSTAxlcwnFPawMiPtzW1OIGwvrEwkyB
Score

1^/10
behavioral3 behavioral4
- Target
  
  Betacraft/Qt6Gui.dll
- Size
  
  9.3MB
- MD5
  
  873a4f02b3dfedc2bcd8e50468a183e8
- SHA1
  
  0290df5c47f38d75f74e5d4c9431578f875b0f21
- SHA256
  
  e110467d488601c9e8394d9fc85583426afe24bfac2e83d53ef8c29dc9078135
- SHA512
  
  dd7f2b5b7727c9aac9107880ab374eef69d64e70096e333249c288f3c40aedc68bdd26f2de976b2ef8ab6455a42a3f2319c6219a6ba3ea8b9df18af8eb87b2ef
- SSDEEP
  
  196608:FbvsFciYVawzbeZyXtXf+tTBq8kQBaM03FrOJMOtRjZe3g6sSMFb9d9Mo1aPhy1e:Fb4ciYVawzbVtXf+tTBq8kQBaM03FrO4
Score

1^/10
behavioral5 behavioral6
- Target
  
  Betacraft/Qt6Widgets.dll
- Size
  
  6.3MB
- MD5
  
  6e31c9c15abb8ee9a267494c85ae4260
- SHA1
  
  04445c6a459537dfb0defd0f37bda9b4f95d3182
- SHA256
  
  4a2353808555a1b4cfefeb1c2cd81dd9e1cb0a44931e386a2049abf8081581ad
- SHA512
  
  4e4fb327c6a1ed8baa9e43cf7ccac4fcaea59a5f98995d4a14479f2027ab6a92ec38b383502df1bc3bef45ab177db15559c70bd54637d86d1329f6cca340935e
- SSDEEP
  
  196608:+s+sBwC5E0rX+6PYY3cELgdu2ZF3BGrAQij3+cKwwUscQGdcVI0FwXHxE/8nBciO:+s+sBwSRrX+6PYY3cELgdu2ZF3BGrAQV
Score

1^/10
behavioral7 behavioral8
- Target
  
  Betacraft/discord_game_sdk.dll
- Size
  
  3.3MB
- MD5
  
  4402cd4891c256ee40046c6092afdcbf
- SHA1
  
  914e01743c7591beb79a61417b262caeb23e2c20
- SHA256
  
  a6b6d7df00a58dc50248d91048578d0fe52182286b487ef89a961fd10467dbd1
- SHA512
  
  78da4181132a02d7d17ba4b2839018dc43d7d691c8bb01d34e5f7439df9c92951ce687e9487df158c44e764275b45d6800f6629ec2a175cc4ecdf868292291e5
- SSDEEP
  
  24576:Q/NGmO/w02OFM7zWIyjQYS2tBMPfL+8T14rbXojA4F8eEcu2sqhA+cGRlZVIH06R:3oOiaQAtBMPfCn/WDcGRxIU6iIdAk
Score

1^/10
behavioral10 behavioral9
- Target
  
  Betacraft/imageformats/qgif.dll
- Size
  
  47KB
- MD5
  
  e334303ce65aa711ad8816e7e93497c4
- SHA1
  
  894b8a6c21894eaff771a172a9cc2da9ef8e7cd4
- SHA256
  
  f909dd35b2a0ab905501e79658e492bb888b71ab99599eacaec0851e98b853a9
- SHA512
  
  07b467eee52e5e34d25f2ba2c0da29f24315c101bacfd198fb201457838e22dbf7cfbc5d61dd49c20cef7def25814da7d69d61868e45d4e40a0ec187723c5c9b
- SSDEEP
  
  768:2o3j9W6L8FZYDFwAAqnSUvsz+68uf0gKxnVbGYJlgN0EH9v/:Vj2WDFwAAen63f0gKxngehEH9n
Score

1^/10
behavioral11 behavioral12
- Target
  
  Betacraft/imageformats/qico.dll
- Size
  
  47KB
- MD5
  
  685d2195c27877f9a4404b98cd1fc0e7
- SHA1
  
  ccfb5b1137eff3f288c9770301ee17593b4287a5
- SHA256
  
  15549719d617179b57d9408288bfb5fd42679471a3cd0ee1c783ce5ef695cf8c
- SHA512
  
  9a22974b8bccb56b4d34db3d9fd564befbb13852a090b7e21224ccfbfba9bc3dbc6d6a4c89ee8b70f76cc25db62c37630613e3faa235a71677c24abc6b11ffd8
- SSDEEP
  
  768:oVt5yH7Lettw6V6MM9+7M6LUsgKxnVbGYJllTVdN0EHL:GqCttw6V6MMJ6LzgKxngeRVAEHL
Score

1^/10
behavioral13 behavioral14
- Target
  
  Betacraft/imageformats/qjpeg.dll
- Size
  
  463KB
- MD5
  
  a2598dc0afecc9179d4aa176ea306c0f
- SHA1
  
  8a9d382f884aa356c68c546ecc34096990017bac
- SHA256
  
  40e99d0fac21dda2c5196d7db56ce8a0fc578e66a6b27f98a4185fc143b815d0
- SHA512
  
  08d2806fc4800d557e48e1841b410f12240bcba29583f781533a656980b2ddf48aa4a094280360656a16da5ae2467b2c289efcbffc180bf7f06d3d2f620f3ef1
- SSDEEP
  
  6144:6h5OZF9FNmDV02eb6jFLXHVcs7MoRIrVSlZtlBxT1BweNxQBQSOTa6ExAE2i:YYcO6RLX1lIve1rTTpwmaxAE3
Score

1^/10
behavioral15 behavioral16
- Target
  
  Betacraft/imageformats/qsvg.dll
- Size
  
  39KB
- MD5
  
  72dca45741f78a3ce0bb65138793f3a7
- SHA1
  
  108928beec264c80a9d1cf6bd7aa5d432bb85680
- SHA256
  
  fcd81ee65b2c912e0b8695c3b9409263715085838878b3ecdafdc78f81b5c07d
- SHA512
  
  330977bf3ccf0db392d0100830eff623817bc936386b3dc6d2d75041293cb6ca78b1238b8c5ff50035d32fd7caa0484ef7ae90db951bbcf1c8c82dc997fb8eb9
- SSDEEP
  
  768:hGK1VSbAFaGx6tuwnvgKxnVbGYJlO9N0EHy:mAx6tZnvgKxngeOgEHy
Score

1^/10
behavioral17 behavioral18
- Target
  
  Betacraft/libgcc_s_seh-1.dll
- Size
  
  73KB
- MD5
  
  a839c13c8fcd337a056d62a005a6aee7
- SHA1
  
  c9f8f6ca8becd7fad39017fd45c0b7835bedf173
- SHA256
  
  8660371ef7b69772138ef71f9077ae5c742b4a9b768ccca59263d20e8dec1815
- SHA512
  
  90751af770300c136245d0d5113a305876ab00ceb8968b14693082239ccacb091991e6b5d07599d9e3d9044a9ebfb92c3adfbf23f8754cc3024fde7cf17d81a1
- SSDEEP
  
  1536:7/p/osyPFN2WX2d0lH6MhDAgtB24GIOS2AiBx:b7yPfVHhTtxOS2R/
Score

1^/10
behavioral19 behavioral20
- Target
  
  Betacraft/libstdc++-6.dll
- Size
  
  1.9MB
- MD5
  
  44f0f8c88e813509aa1eecd3acdbe261
- SHA1
  
  508fde8f55ef54e2a728c562f4e662a0e8b4cb92
- SHA256
  
  715612765ea5b513c497958111e2fb4101a69198568b1226e7a4b5f9c6b3df35
- SHA512
  
  a9a15079207364118e37f591c82f3408eb738e2dc7faaa552531655dac2f07798e3fdf8b7311c2c0297aec8e7cd6e8e73db21dce00a06bb6aa32d1f05a381cf2
- SSDEEP
  
  24576:0EpPUQtPF51u3E8DrEYEtPVCkWRBB+6wYzQixX3E+oYnhSMXlrB1EW25v0x4:1pPUQ1F51sE8DrEYEdVCk8wYxxETYs
Score

1^/10
behavioral21 behavioral22
- Target
  
  Betacraft/libwinpthread-1.dll
- Size
  
  52KB
- MD5
  
  11e800f423c7fcc83afcf43ba30b3784
- SHA1
  
  1b0c43e49f0e8a0adcf47ebafab0161c2a05c1ee
- SHA256
  
  48a1d7fb4f81671babb514a801946f49b7c4efc54aafe7caa81f9a582ac30690
- SHA512
  
  f71bb3c83a91fb9afba8eea186c74f9838ec157c6ceeb29c5892f3ae15adf29a03177775bf0b3aef75b2b30686ef79459b00902ff544c622d2fa44709ced7ff9
- SSDEEP
  
  768:4a9Vt/2t6or8cZFt13NOJAVTfPpij0At/cZRr0sgiPm3Yt:4a9VcAcZZ3gUbAyeiPm3Yt
Score

1^/10
behavioral23 behavioral24
- Target
  
  Betacraft/platforms/qwindows.dll
- Size
  
  1009KB
- MD5
  
  569c5edfc1d2a8607edc5ebc67625b0d
- SHA1
  
  3853fb6624b2e41d91fece9e84c9ab8aff60e3eb
- SHA256
  
  dd4530c1bed736e4e71e2d12133f27a413df29d7c26d4e0047f10d221b552bd2
- SHA512
  
  f8d012ce7e3127bb64916e084f5c200e32d1cb2a10d086c41970adb8cb71dbd37ceb16d824f448eb549d16bd348dc03f9f1b5f40ccabddb153a4950bdbaccc28
- SSDEEP
  
  24576:ZaFF6qqDXlPBcoRtUmyA0rLW0Znqz5Uc0miEyTKG/zlvP/QmxNUTSU3sWM:MF6qqJPSoRtUmy3rLWynqz5UrmtqKuzH
Score

1^/10
behavioral25 behavioral26

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

T1222

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Modifies file permissions

Legitimate hosting services abused for malware hosting/C2

Looks up external IP address via web service

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26